
Raul | CompTIA Security+ | Module 1

By: Raul Pop | Related Course: CompTIA Security+ | Published: May 23, 2017 | Modified: May 27, 2017


Firewalls - what they are

Firewalls - what they do


Types of firewalls

-packet inspection

-application filtering

-stateful firewalls


Internal Network-Firewall-WebServer-Firewall2-Internet

Firewall2 - application filtering, packet inspection


Network Address Translation


1) 10 computers cannot communicate with the internet

2) We implement a proxy

3) The proxy processes the packets

4) NAT is a sub-function that controls/delivers a specific address for identification

5) Gives you caching


Network Administration Principles

1)Rule base Management

-allow/deny the traffic


2)Secure Router Management

-secure routers


3)Access Control lists

-determine what users/systems have access


4)Port Security

-logical access/physical access

-Implement 802.1X for protection (secure device)


5)All types of flood guards


-standalone devices, or devices built into your firewall, that keep your network safe. There are different types of floods: a ping flood, a SYN flood and other types of floods.

-these secure devices against DoS (DDoS)


6)Loop Protection

-Spanning Tree Protocol

-Implicit Deny

7)Log analysis

-event logs

-successful logs

-failures logs

-incident logs

-security incident event manager

-unified threat management



Network Design Elements

1)DMZ(Demilitarized zone)


Internal network -> Network -> Firewall <- WebServer -> Firewall -> Internet (Public)


2)Remote Access





-Desk phones


-Voice encryption

-War dialing


4)NAC(Network Access Control)


Remediation Server


Health check Server(Baseline)

Domain Controller

User PC (if the PC doesn't meet the requirements, it is directed to the Remediation Server)


5) Virtualization

1)One System

2) Multi Boot Systems

3) Virtualization -> Host PC -> Hypervisor -> Install many systems (virtual machines)

The hypervisor uses the host's internal processor, RAM, ports and hardware


-Microsoft Virtual PC

-Windows Virtual PC

-Hyper-V

-VirtualBox

-VMware

-VM Fusion

-Security Problem

 Secure your host machine or secure entire hypervisor(virtual machine).

Resource -> BIOS Configuration -> Padlock -> Door Lock -> CCTV -> Physical (Guards)




Protocols and their Ports

BEGIN S (Security)=SSH

END S (Secure)=SSL


1)SSH-Security Shell

-secures packets, protocols and messages that move across the internet. It's like putting a shell around your messages

-port 22


2)SSL-Secure socket layer

-end to end security across the internet



3)FTP-File Transfer Protocol

-transfer file to network



-transmission in plaintext


5)CP-Copy Protocol



7)HTTP-Hypertext transfer protocol

-navigate to internet

-port is 80


9)TFTP-Trivial File Transfer Protocol, port 69

-we send and receive files over the network

10)RDP-Remote Desktop Protocol

-Port 3389


-port 23

12)SNMP-Simple Network Management Protocol

-we gather configuration parameters from devices over the network

-monitors device performance

-port 160,161,162


13)SMTP-Simple Mail Transfer Protocol

-protocol allows email to move from one server to another server

-port number 25


14)DNS-Domain Name Service

-port 53

-name resolution across to internet

15)POP3-Post office protocol

-retrieves email from the server and deletes it from the server

-port 110

16)IMAP-Internet Message Access Protocol

-search for specific messages

-can archive emails

-port 143


17)ICMP- Internet Control Message Protocol

-ping command

-ping floods can be used for attacks

-ping can sometimes be blocked







Proxies are devices or servers:

-Forwarding Proxies

-Reverse Proxies

10 Computers (Private Network) -> Proxy (Public Address) -> Internet

Private addresses are converted to a public address (Network Address Translation (NAT))


-Multiple computers

-10 private address-1 public address


-offers some security (bad guys can see the proxy server, not the internal server)

Reverse proxy

PC USER -> Reverse Proxy -> Webserver

if the traffic is legitimate, it is allowed through to the web server

if it is malicious, it will be blocked

out coming traffic inspection

reverse proxies are set up to defend web servers

Subnet mask

is a CLASS C! ID)

-network portion of the name

-the host portion of the name


class A

class B

class C

The 255 is network portion

The 0 is host portion



                 24       0 0 0 0 0 0 0 0

delete 3 zeros from left


2^3=8 subnets



Network id     1st valid       broadcast     last valid
               192.168.1.1
               1.33            .63           .62
               1.65            .95           .94
               1.97            127           .126
               1.161           154           .158
               1.193           244           .190
               1.225           255           .223







1 1 1 1 1 1 1 1

128 64 32 16 8 4 2 1
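
Added example (not part of the original notes): the subnetting steps above worked through with Python's standard `ipaddress` module. It assumes the class C network is 192.168.1.0/24 and that 3 host bits are borrowed (2^3 = 8 subnets); the function names are illustrative.

```python
import ipaddress


def subnet_table(network, borrowed_bits):
    """Split an IPv4 network by borrowing host bits for the subnet id.

    Returns one tuple per subnet, in the column order used in the notes:
    (network id, 1st valid host, broadcast, last valid host).
    """
    base = ipaddress.IPv4Network(network, strict=True)
    new_prefix = base.prefixlen + borrowed_bits
    # A /31 or /32 has no room for network id + hosts + broadcast.
    if borrowed_bits < 1 or new_prefix > 30:
        raise ValueError("borrowed_bits must leave at least 2 host bits")
    rows = []
    for sub in base.subnets(prefixlen_diff=borrowed_bits):
        rows.append((
            str(sub.network_address),          # all host bits set to 0
            str(sub.network_address + 1),      # first address after the id
            str(sub.broadcast_address),        # all host bits set to 1
            str(sub.broadcast_address - 1),    # last address before broadcast
        ))
    return rows


def subnet_mask(network, borrowed_bits):
    """Dotted-decimal mask after borrowing bits (3 bits -> 128+64+32 = 224)."""
    base = ipaddress.IPv4Network(network, strict=True)
    sub = next(base.subnets(prefixlen_diff=borrowed_bits))
    return str(sub.netmask)


if __name__ == "__main__":
    # Assumed input: the class C network 192.168.1.0/24, 3 borrowed bits.
    print("mask:", subnet_mask("192.168.1.0/24", 3))
    print(f"{'Network id':<15}{'1st valid':<15}{'broadcast':<15}{'last valid'}")
    for row in subnet_table("192.168.1.0/24", 3):
        print("".join(f"{col:<15}" for col in row))
```
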


Transmission Control Protocol

-Connection oriented

-Proper sequencing

-Sliding window

-Guaranteed Delivery


Internet Protocol

-Logical addressing





-32 bit address

-expressed in decimal

-4 octets

-each octet is 8 bits

-separated by periods





E= Test IP


Private IP

A =>

B =>

C =>


Manual Method->Static IP

-very slow for many systems

-prone to errors


Automatic Method->Dynamic IP

-very fast

-DHCP (Dynamic Host Configuration Protocol) installed on server

-DHCP Scope (a range,leased out)

-Reservation based on MAC address you can get a specific IP configured by DHCP


Automated Private IP address



-128 bit


-8 quartets

-punctuated by colon signs



If you have zero to start you can shrink






VPN Concentrators

Internal Network -> VPN Concentrator -> Internet (VPN -- Remote users)

-processing/robust device

-encrypts/decrypts the packets

-facilitates decryption of the traffic going to the internal network and encryption of the traffic going to the internet

Wireless Access Point

1)Antenna Placement

-Do site survey(formal,informal)



-SSID,Admin ID,Password(change them)


-Default is enabled

-Disable SSID Broadcast


4)Use Password




6)Chalk marks (warchalking)


7)Access Control

-MAC Filtering







9)Signal Speed


-Power level control

Wireless Access Point 2

-Antenna Placement

site survey


-Change the settings

ssid,account name,password



service set identifier

enable broadcast

disable broadcast


-Power level controls

increase or decrease

spread the signal


-MAC Filtering


-Captive Portals





